diff --git a/CHANGELOG.md b/CHANGELOG.md index 77d16f2..29b82f7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,7 +11,12 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) ## [Unreleased] +### Added +- git: ssh key signing + ### Changed +- git: restructure multiple configs, using relative include file paths + ## 2023-09-28 ### Added diff --git a/git/commit-message-company b/git/commit-message-company new file mode 100644 index 0000000..bbb6e8e --- /dev/null +++ b/git/commit-message-company @@ -0,0 +1,7 @@ +LINEARCODE Summary + +# Elaboration + +# Issue Status: +# Resolve: # +# Related: # diff --git a/git/commit-message-practicalli b/git/commit-message-practicalli new file mode 100644 index 0000000..4090afc --- /dev/null +++ b/git/commit-message-practicalli @@ -0,0 +1,7 @@ +topic: summary + +# Elaboration + +# Issue Status: +# Resolve: # +# Related: # diff --git a/git/commit-message-template b/git/commit-message-template deleted file mode 100644 index d088cf9..0000000 --- a/git/commit-message-template +++ /dev/null @@ -1,6 +0,0 @@ -TICKETCODE Summary - -# Elaboration - -# [Resolve: #] -# [Related: #] diff --git a/git/config b/git/config index d182604..18dc85c 100644 --- a/git/config +++ b/git/config @@ -2,18 +2,30 @@ ## ## Adjust paths if not saved in `~/.config/git/` -## ------ Identity ------ ## +## --- Conditional Configuration +# Uses relative file path to this configuration file -# Default identity configuration +# Default personal identity configuration [include] - path = ~/.config/git/identity-practicalli + path = config-johnny -# Over-ride identify for specific directories -[includeIf "gitdir:~/projects/company-name"] - path = ~/.config/git/identity-company-name +# Practicalli community work +[includeIf "gitdir:~/projects/practicalli/"] + path = config-practicalli +# Commercial work +[includeIf "gitdir:~/commercial-projects/company/"] + path = config-company -## ------ Git Behaviour ------ ## + +## -- Common Git Behaviour + +[init] + # scripts and hooks to add when creating a new local Git repository + # templateDir = ~/.config/git/repo-template/ + + # default branch name when creating a new local repository + defaultBranch = main [core] # Set which editor to use for editing commit messages (when not included with -m) @@ -22,7 +34,7 @@ editor = astronvim # file and directory patterns to ignore across all projects - excludesfile = ~/.config/git/ignore + # excludesfile = ~/.config/git/ignore # Tool to page through long output (e.g. git log). `less` is default # pager = less @@ -30,43 +42,26 @@ # Ensure Linux & MacOSX line endings in checked out text files autocrlf = input -[commit] - # Default commit message - useful if team has a commit message policy - template = ~/.config/git/commit-message-template - [fetch] # Remove deleted remote branches from local repository prune = true -[difftool "meld"] - cmd = meld \"$LOCAL\" \"$REMOTE\" - path = - -[init] - # scripts and hooks to add when creating a new local Git repository - # templateDir = ~/.config/git/repo-template/ +[log] + abbrevCommit = true - # default branch name when creating a new local repository - defaultBranch = main +[push] + # Set local brach to track new remote branch automatically, Git 2.37.0 onward + autoSetupRemote = true -[mergetool "meld"] - cmd = meld \"$LOCAL\" \"$REMOTE\" -ancestor \"$BASE\" -merge \"$MERGED\" - trustExitCode = true +[diff] + tool = nvimdiff [merge] # Include common parent when merge conflicts arise conflictstyle = diff3 -[log] - abbrevCommit = true - -[push] - # Set local brach to track new remote branch automatically - # Requires Git 2.37.0 - autoSetupRemote = true - -## ------ Git commands ------ ## +## --- Git commands # command line shot cuts [alias] @@ -93,7 +88,11 @@ # Set timeout (in 0.1 second steps) before git automatically changes the command # autocorrect = 50 + +## -- Git CLI + [credential "https://github.com"] helper = !/usr/bin/gh auth git-credential [credential "https://gist.github.com"] helper = !/usr/bin/gh auth git-credential + diff --git a/git/config-company-linux b/git/config-company-linux new file mode 100644 index 0000000..dc3eb85 --- /dev/null +++ b/git/config-company-linux @@ -0,0 +1,72 @@ +## ------ Identity ------ ## +# Add details for specific company identity +# Assumes use of Linux for ~ expansion + +# Add identity to all commits +[user] + name = Johnny Stevenson + + # Add company email address to GitHub account + # and use when creating SSH key + email = "johnny@company-name.com" + + # SSH Key signing with allowed SSH key signatures + signingkey = ~/.ssh/id-company.pub + +## Identity for using GitHub API +[github] + user = practicalli-johnny + +## ------ Git Behaviour ------ ## + +[init] + # scripts and hooks to add when creating a new local Git repository + # templateDir = ~/.config/git/repo-template/ + + # default branch name when creating a new local repository + defaultBranch = main + +[core] + # Set which editor to use for editing commit messages (when not included with -m) + # VISUAL or EDITOR environment variables also set the choice of editor + # vi used if not set. Typical examples are nvim or emacsclient + editor = astronvim + + # file and directory patterns to ignore across all projects + excludesfile = ~/.config/git/ignore-company + + # Tool to page through long output (e.g. git log). `less` is default + # pager = less + + # Ensure Linux & MacOSX line endings in checked out text files + autocrlf = input + +[commit] + # Default commit message - useful if team has a commit message policy + template = ~/.config/git/commit-message-company + # Automatically sign every commit + gpgsign = true + +[tag] + # Automatically sign every tag + gpgsign = true + +[fetch] + # Remove deleted remote branches from local repository + prune = true + +## ------ Security ------ ## + +# Use SSH key passphrase stored in MacOSX Keychain with ssh-add command +# ssh-add --apple-use-keychain $HOME/.ssh/id_ed25519 +# [credential] +# helper = osxkeychain + +# Use SSH key to sign commits and tags +[gpg] + format = ssh + +# Self-define SSH keys that should be considered authentic locally +[gpg "ssh"] + allowedSignersFile = ~/.config/git/allowed-signatures-company + diff --git a/git/config-company-macosx b/git/config-company-macosx new file mode 100644 index 0000000..38a5591 --- /dev/null +++ b/git/config-company-macosx @@ -0,0 +1,95 @@ +# Company specific Git configuration +# +# Assumes use of MacOSX and ~ expansion not working for paths +# Replace /Users/practicalli/ path with your own $HOME location + +## -- Identity +# Add identity to all commits +[user] + name = Johnny Stevenson + + # Add company email address to GitHub account + # and use when creating SSH key + email = "johnny@company-name.com" + + # SSH Key signing with allowed SSH key signatures + signingkey = /Users/practicalli/.ssh/id-company.pub + +## Identity for using GitHub API +[github] + user = practicalli-johnny + +## -- Git Behaviour + +[init] + # scripts and hooks to add when creating a new local Git repository + # templateDir = ~/.config/git/repo-template/ + + # default branch name when creating a new local repository + defaultBranch = main + +[core] + # Set which editor to use for editing commit messages (when not included with -m) + # VISUAL or EDITOR environment variables also set the choice of editor + # vi used if not set. Typical examples are nvim or emacsclient + editor = astronvim + + # file and directory patterns to ignore across all projects + excludesfile = /Users/practicalli/.config/git/ignore-company + + # Tool to page through long output (e.g. git log). `less` is default + # pager = less + + # Ensure Linux & MacOSX line endings in checked out text files + autocrlf = input + +[commit] + # Default commit message - useful if team has a commit message policy + template = /Users/practicalli/.config/git/commit-message-company + # Automatically sign every commit + gpgsign = true + +[tag] + # Automatically sign every tag + gpgsign = true + +[fetch] + # Remove deleted remote branches from local repository + prune = true + +## -- Security + +# Use SSH key passphrase stored in MacOSX Keychain with ssh-add command +# ssh-add --apple-use-keychain $HOME/.ssh/id_ed25519 +[credential] + helper = osxkeychain + +# Use SSH key to sign commits and tags +[gpg] + format = ssh + +# Self-define SSH keys that should be considered authentic locally +[gpg "ssh"] + allowedSignersFile = /Users/practicalli/.config/git/allowed-signatures-company + + +## -- Diff & Merge + +# TODO: test configuration for p4merg tool on MacOSX + +# [diff] +# tool = p4merge + +# [difftool "p4merge"] +# cmd = "p4merge $LOCAL $REMOTE" + +# [merge] +# tool = p4merge + +# [mergetool "p4merge"] +# cmd = "p4merge $BASE $LOCAl $REMOTE $MERGED" +# trustExitCode = true +# keepTemporaries = false +# keepBackup = false +# prompt = false + diff --git a/git/config-johnny b/git/config-johnny new file mode 100644 index 0000000..876f4d3 --- /dev/null +++ b/git/config-johnny @@ -0,0 +1,19 @@ +## -- Identity + +# Add identity to all commits +[user] + name = Johnny Practicalli + + # Use GitHub no-reply email address to keep real address private + email = "******+practicalli-john@users.noreply.github.com" + +## Identity for using GitHub API +[github] + user = practicalli-johnny + + +## -- Git Behaviour + +[commit] + # Default commit message - useful if team has a commit message policy + template = ~/.config/git/commit-message-practicalli diff --git a/git/config-practicalli b/git/config-practicalli new file mode 100644 index 0000000..38eaffb --- /dev/null +++ b/git/config-practicalli @@ -0,0 +1,91 @@ +## ------ Identity ------ ## + +# Add identity to all commits +[user] + name = Practicalli Engineering + + # Use GitHub no-reply email address to keep real address private + email = "engineering@practical.li" + + # SSH Key signing (commits & tags( + signingkey = ~/.ssh/id_ed25519.pub + +## Identity for using GitHub API +[github] + user = practicalli-johnny + + +## ------ Security ------ ## + +# Use SSH key to sign commits and tags +[gpg] + format = ssh + +# Self-define SSH keys that should be considered authentic locally +[gpg "ssh"] + allowedSignersFile = ~/.config/git/allowed-signatures + + +## ------ Git Behaviour ------ ## + +[init] + # scripts and hooks to add when creating a new local Git repository + # templateDir = ~/.config/git/repo-template/ + + # default branch name when creating a new local repository + defaultBranch = main + +[core] + # Set which editor to use for editing commit messages (when not included with -m) + # VISUAL or EDITOR environment variables also set the choice of editor + # vi used if not set. Typical examples are nvim or emacsclient + editor = astronvim + + # file and directory patterns to ignore across all projects + excludesfile = ignore + + # Tool to page through long output (e.g. git log). `less` is default + # pager = less + + # Ensure Linux & MacOSX line endings in checked out text files + autocrlf = input + +[commit] + # Default commit message - useful if team has a commit message policy + template = ~/.config/git/commit-message-practicalli + # Automatically sign every commit + gpgsign = true + +[tag] + # Automatically sign every tag + gpgsign = true + +[fetch] + # Remove deleted remote branches from local repository + prune = true + +[diff] + tool = nvimdiff + +# [difftool "meld"] +# cmd = meld \"$LOCAL\" \"$REMOTE\" +# path = + + +[merge] + # Include common parent when merge conflicts arise + conflictstyle = diff3 + +# [mergetool "meld"] +# cmd = meld \"$LOCAL\" \"$REMOTE\" -ancestor \"$BASE\" -merge \"$MERGED\" +# trustExitCode = true + + +[log] + abbrevCommit = true + +[push] + # Set local brach to track new remote branch automatically + # Requires Git 2.37.0 + autoSetupRemote = true + diff --git a/git/identity-company-name b/git/identity-company-name deleted file mode 100644 index d7eef9a..0000000 --- a/git/identity-company-name +++ /dev/null @@ -1,24 +0,0 @@ -## ------ Identity ------ ## -# Add details for specific company identity - -# Add identity to all commits (required for GitHub / GitLab) -[user] - name = John Practicalli - - # Use GitHub no-reply email address to keep real address private - email = "account-name@company-name.com" - - # For signed commits and signed annotated tags - # https://www.git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work#_signing - # signingkey = - -## Identity for using GitHub API -[github] - user = practicalli-john - - # Use `authinfo.gpg` to store tokens for greater security - # oauth-token = ghp_verylongtokenwithlotsofrandomlygeneratedcharacters - # host = api.github.com - -# [credential] -# helper = osxkeychain diff --git a/git/identity-practicalli b/git/identity-practicalli deleted file mode 100644 index a048383..0000000 --- a/git/identity-practicalli +++ /dev/null @@ -1,32 +0,0 @@ -## ------ Identity ------ ## - -# Add identity to all commits (required for GitHub / GitLab) -[user] - name = Practicalli Engineering - - # Use GitHub no-reply email address to keep real address private - email = "engineering@practical.li" - -## Identity for using GitHub API -[github] - user = practicalli-johnny - - - ## ------ Git Behaviour ------ ## -[commit] - # Automatically sign every commit - gpgsign = true - -[tag] - # Automatically sign every tag - gpgsign = true - -# SSH Key signing (commits & tags( -[user] - signingkey = ~/.ssh/id_ed25519.pub -[gpg] - format = ssh -[gpg "ssh"] - allowedSignersFile = ~/.config/git/allowed-signatures - - diff --git a/git/identity-practicalli-john b/git/identity-practicalli-john deleted file mode 100644 index 66e479d..0000000 --- a/git/identity-practicalli-john +++ /dev/null @@ -1,21 +0,0 @@ -## ------ Identity ------ ## - -# Add identity to all commits (required for GitHub / GitLab) -[user] - name = John Practicalli - - # Use GitHub no-reply email address to keep real address private -- email = "******+github-account@users.noreply.github.com" - - # For signed commits and signed annotated tags - # https://www.git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work#_signing - # signingkey = - -## Identity for using GitHub API -[github] - user = practicalli-johnny - - # Use `authinfo.gpg` to store tokens for greater security - # oauth-token = ghp_verylongtokenwithlotsofrandomlygeneratedcharacters - # host = api.github.com - diff --git a/git/ignore-company b/git/ignore-company new file mode 100644 index 0000000..38b9eaa --- /dev/null +++ b/git/ignore-company @@ -0,0 +1,49 @@ +# ------------------------ +# Clojure Project Git Ignore file patterns +# +# `!` proceeding a pattern includes that pattern +# ------------------------ + +# ------------------------ +# General project files +!CHANGEGLOG.md +!CHANGEGLOG.org +!README.md +!docs/ + +# ------------------------ +# Include Clojure project & config +!build.clj +!deps.edn +!pom.xml +!dev/ +!resources/ +!src/ +!test/ + +# ------------------------ +# Include Clojure tools +!.cljstyle # Clojure format +!.dir-locals.el # Emacs (Cider Jack-in) +!compose.yaml # Docker workflow +!Dockerfile +!.dockerignore +!Makefile # Make build automation +!tests.edn # Kaocha test runner + +# ------------------------ +# Include Git & CI workflow +!.gitattributes +!.gitignore +!.github/ + +# ------------------------ +# Include ClojureScript Figwheel +!figwheel-main.edn # Figwheel main config +!*.cljs.edn # Build configurations + +# Include MkDocs files +!docs/ +!includes/ +!overrides/ +!mkdocs.yml